package com.banmao.mall.controller.admin;

import com.banmao.mall.model.bo.admin.admin.ChangePasswordBO;
import com.banmao.mall.model.bo.admin.user.LoginBO;
import com.banmao.mall.model.pojo.Log;
import com.banmao.mall.model.vo.BaseRespVO;
import com.banmao.mall.model.vo.admin.DashboardVO;
import com.banmao.mall.model.vo.admin.user.InfoVO;
import com.banmao.mall.realm.MallToken;
import com.banmao.mall.service.admin.AdminService;
import com.banmao.mall.service.admin.SystemService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpRequest;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/admin")
public class AdminController {

    @Autowired
    AdminService adminService;
    @Autowired
    SystemService systemService;
    // 未认证重定向到登陆页面
    @RequestMapping("/auth/401")
    public BaseRespVO unAuthc() {

        return BaseRespVO.error("登陆啊魂淡", 401);
    }

    // 管理员登陆
    @RequestMapping("/auth/login")
    public BaseRespVO login(@RequestBody LoginBO loginBO, HttpServletRequest request) {
        System.out.println("访问了login页面");
        // 获取当前的用户
        Subject subject = SecurityUtils.getSubject();
        // 封装用户的登陆数据
        // 第三个参数不允许更改！！！
        MallToken token = new MallToken(loginBO.getUsername(), loginBO.getPassword(),"admin");

        //token.setRememberMe(true);

        try {
            subject.login(token);

            //xujingwei
            Log log = new Log();
            log.setAdmin(loginBO.getUsername());
            systemService.insertLog(log,request);
            return BaseRespVO.ok(subject.getSession().getId());

        } catch (UnknownAccountException e) {
            // 用户名不存在时
            return BaseRespVO.error("用户不存在", 401);

        } catch (IncorrectCredentialsException e) {
            // 密码不匹配时
            return BaseRespVO.error("密码不正确", 401);
        }

    }

    // 获取权限信息
    @RequestMapping("/auth/info")
    public BaseRespVO info(@RequestParam("token") String token) {

        //marketService.getInfo();
        System.out.println("访问了info页面");
        // 获取当前的用户
        Subject subject = SecurityUtils.getSubject();
        // 获取管理员ID
        Session session = subject.getSession();
        Integer adminId = (Integer) session.getAttribute("adminId");

        InfoVO infoVO = adminService.info(adminId);

        return BaseRespVO.ok(infoVO);
    }

    // 后台系统首页数据概览
    @RequestMapping("/dashboard")
    public BaseRespVO dashboard() {
        // 直接调用Service
        DashboardVO dashboardVO = adminService.dashboard();

        return BaseRespVO.ok(dashboardVO);
    }


    // 管理员登出
    @RequestMapping("/auth/logout")
    public BaseRespVO logout(HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();

        //xujingwei
        Session session = subject.getSession();
        String adminUsername = (String) session.getAttribute("adminUsername");
        Log log = new Log();
        log.setAdmin(adminUsername);
        systemService.insertLogOut(log,request);
        subject.logout();

        return BaseRespVO.ok("");
    }


    // 管理员修改密码
    @RequestMapping("/profile/password")
    public BaseRespVO changePassword(@RequestBody ChangePasswordBO changePasswordBO) {

        if(changePasswordBO.getNewPassword().length() < 6) {
            return BaseRespVO.error("密码长度不能小于6位", 401);
        }
        if(!changePasswordBO.getNewPassword().equals(changePasswordBO.getNewPassword2())) {
            return BaseRespVO.error("两次新密码不一致", 401);
        }

        int result = adminService.changePassword(changePasswordBO);
        if(result == 0) {
            return BaseRespVO.error("修改失败", 502);
        } else if(result == -1) {
            return BaseRespVO.error("原密码不正确", 401);
        }

        return BaseRespVO.ok(null);
    }

}
